Hi, On Mon, Jun 17, 2013 at 01:00:03PM +0200, Alberto Gonzalez Iniesta wrote: > I applied the fix for CVE-2013-2061 [0] to Debian's stable version of > openvpn (2.2.1) [1]. When the new package was sent to the mirrors I got > a couple of reports of broken VPNs [2]. After some testing I think the > problem arises with the use of "multihome" option. The server daemon > starts to log lots of these: > Jun 17 12:43:52 srv ovpn-srv[31073]: write UDPv4 []: Invalid argument > (code=22) > Jun 17 12:43:53 srv ovpn-srv[31073]: write UDPv4 []: Invalid argument > (code=22) > > If the "multihome" option is removed, the VPN comes back to live. > > Could a patch to fix this be made or should we go back to 2.2.1 without > the patch to fix CVE-2013-2061?
This patch is most definitely not affecting multihome. If you look at
the patch, there is nothing in there that could affect external behaviour
(except remove the timing variance).
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025 g...@net.informatik.tu-muenchen.de
pgpML4c8x4YGM.pgp
Description: PGP signature
